You are here:

Defence Research and Development Canada, Ottawa Research Centre, Ottawa ON (CAN);Bell Canada, Ottawa ONT (CAN);Sphyrna Security, Kanata ON (CAN)

Abstract

The Cyber Decision Making and Response (CDMR) project is conducting research on approaches to Computer Network Defence (CND) information sharing within coalition environments. The ARMOUR automated computer network defence Technology Demonstrator (TD), a component of CDMR that is currently being developed by General Dynamics Mission Systems – Canada, will provide a means to compute, prioritize, and execute courses of action in the cyber domain. The ARMOUR system will collect and integrate internal network data with external data such as vulnerabilities, threats, and mission information. ARMOUR utilises an attack-graph approach to generating courses of action (COAs) for remediating vulnerabilities, and computes various metrics (e.g., operational priority, security posture, costs) in order to recommend and/or initiate appropriate COAs. The ARMOUR system is designed for modularity, and its core feature is an integration framework with interfaces based on open standards. ARMOUR is currently being designed as a centralised system aimed at defending traditional enterprise networks. However, ARMOUR’s collection, analysis, and output of network, vulnerability, and mission data can contribute to improving cyber defence situational awareness in more than just enterprise environments.